Chapter 6:
Transport Layer
Introduction: Role of the Transport Layer
The transport layer is:
•responsible for logical
communications between
applications running on different
hosts.
•The link between the application
layer and the lower layers that are
responsible for network
transmission.
Transport Layer Responsibilities
The transport layer has the following
responsibilities:
•Tracking individual conversations
•Segmenting data and reassembling segments
•Adding header information
•Identifying, separating, and managing multiple
conversations
•Using segmentation and multiplexing to enable
different communication conversations to be
interleaved on the same network
● The network layer provides communication between two
hosts.
● The transport layer provides communication between
two processes running on different hosts.
● A process is an instance of a program that is running on a
host.
● There may be multiple processes communicating between
two hosts – for example, there could be an FTP session
and a Telnet session between the same two hosts.
● The transport layer provides a way to multiplex /
demultiplex communication between various processes.
● To provide multiplexing, the transport layer adds an
address to each segment indicating the source and
destination processes.
● Note these addresses need only be unique locally on
a given host.
● In TCP/IP these transport layer addresses are called
port-numbers.
Session Identifier (5-tuple): uniquely identifies a
process-to-process connection in the Internet.
• Sender IP address
• Sender port
• Destination IP address
• Destination port
• Transport layer protocol
Transport Layer Protocols
• IP does not specify how the
delivery or transportation of
the packets takes place.
• Transport layer protocols
specify how to transfer
messages between hosts, and
are responsible for managing
reliability requirements of a
conversation.
• The transport layer includes
the TCP and UDP protocols.
Transmission Control Protocol
TCP provides reliability and flow control.
TCP basic operations:
•Number and track data segments transmitted
to a specific host from a specific application
•Acknowledge received data
•Retransmit any unacknowledged data after a
certain amount of time
•Sequence data that might arrive in the wrong
order
•Send data at an efficient rate that is
acceptable by the receiver
User Datagram Protocol (UDP)
UDP provides the basic functions for
delivering datagrams between the
appropriate applications, with very
little overhead and data checking.
•UDP is a connectionless protocol.
•UDP is known as a best-effort
delivery protocol because there is no
acknowledgment that the data is
received at the destination.
Right Transport Layer Protocol for the Right Application
UDP is also used by request-and-reply
applications where the data is minimal,
and retransmission can be done quickly.
If it is important that all the data arrives
and that it can be processed in its proper
sequence, TCP is used as the transport
protocol.
TCP Overview
TCP Features
• Establishes a Session - TCP is a connection-oriented protocol that negotiates and
establishes a permanent connection (or session) between source and destination devices
prior to forwarding any traffic.
• Ensures Reliable Delivery - For many reasons, it is possible for a segment to become
corrupted or lost completely, as it is transmitted over the network. TCP ensures that each
segment that is sent by the source arrives at the destination.
• Provides Same-Order Delivery - Because networks may provide multiple routes that can
have different transmission rates, data can arrive in the wrong order.
• Supports Flow Control - Network hosts have limited resources (i.e., memory and
processing power). When TCP is aware that these resources are overtaxed, it can request
that the sending application reduce the rate of data flow.
TCP Header
TCP is a stateful protocol, which
means it keeps track of the state of
the communication session.
TCP records which information it has
sent, and which information has been
acknowledged.
TCP Header Fields
TCP Header Field - Description
Source Port - A 16-bit field used to identify the source application by port number.
Destination Port - A 16-bit field used to identify the destination application by port number.
Sequence Number - A 32-bit field used for data reassembly purposes.
Acknowledgment Number - A 32-bit field used to indicate that data has been received and the next byte expected from the source.
Header Length - A 4-bit field known as "data offset" that indicates the length of the TCP segment header.
Reserved - A 6-bit field that is reserved for future use.
Control bits - A 6-bit field that includes bit codes, or flags, which indicate the purpose and function of the TCP segment.
Window size - A 16-bit field used to indicate the number of bytes that can be accepted at one time.
Checksum - A 16-bit field used for error checking of the segment header and data.
Urgent - A 16-bit field used to indicate if the contained data is urgent.
Applications that use TCP
TCP handles all tasks associated
with dividing the data stream into
segments, providing reliability,
controlling data flow, and
reordering segments.
UDP Overview
UDP Features
UDP features include the following:
•Data is reconstructed in the order that it is received.
•Any segments that are lost are not resent.
•There is no session establishment.
•The sender is not informed about resource availability.
UDP Header
The UDP header is far simpler than the TCP header because it only has
four fields and requires 8 bytes (i.e. 64 bits).
UDP Header Fields
The table identifies and describes the four fields in a UDP header.
UDP Header Field - Description
Source Port - A 16-bit field used to identify the source application by port number.
Destination Port - A 16-bit field used to identify the destination application by port number.
Length - A 16-bit field that indicates the length of the UDP datagram header.
Checksum - A 16-bit field used for error checking of the datagram header and data.
Applications that use UDP
• Live video and multimedia applications - These
applications can tolerate some data loss but require
little or no delay. Examples include VoIP and live
streaming video.
• Simple request and reply applications - Applications
with simple transactions where a host sends a request
and may or may not receive a reply. Examples include
DNS and DHCP.
• Applications that handle reliability themselves -
Unidirectional communications where flow control,
error detection, acknowledgments, and error recovery
are not required, or can be handled by the application.
Examples include SNMP and TFTP.
Port Numbers
Multiple Separate Communications
TCP and UDP transport layer protocols use port numbers to manage multiple, simultaneous
conversations.
The source port number is associated with the originating application on the local host whereas the
destination port number is associated with the destination application on the remote host.
Socket Pairs
• The source and destination ports are placed
within the segment.
• The segments are then encapsulated within
an IP packet.
• The combination of the source IP address
and source port number, or the destination
IP address and destination port number is
known as a socket.
• Sockets enable multiple processes, running
on a client, to distinguish themselves from
each other, and multiple connections to a
server process to be distinguished from each
other.
Port Number Groups
Port Group (Number Range) - Description
Well-known Ports (0 to 1,023)
•These port numbers are reserved for common or popular services and applications
such as web browsers, email clients, and remote access clients.
•Defining well-known ports for common server applications enables clients to easily
identify the associated service required.
Registered Ports (1,024 to 49,151)
•These port numbers are assigned by IANA to a requesting entity to use with
specific processes or applications.
•These processes are primarily individual applications that a user has chosen to
install, rather than common applications that would receive a well-known port
number.
•For example, Cisco has registered port 1812 for its RADIUS server authentication
process.
Private and/or Dynamic Ports (49,152 to 65,535)
•These ports are also known as ephemeral ports.
•The client's OS usually assigns port numbers dynamically when a connection to a
service is initiated.
•The dynamic port is then used to identify the client application during
communication.
Port Number Groups (Cont.)
Well-Known Port Numbers
Port Number Protocol Application
20 TCP File Transfer Protocol (FTP) - Data
21 TCP File Transfer Protocol (FTP) - Control
22 TCP Secure Shell (SSH)
23 TCP Telnet
25 TCP Simple Mail Transfer Protocol (SMTP)
53 UDP, TCP Domain Name Service (DNS)
67 UDP Dynamic Host Configuration Protocol (DHCP) - Server
68 UDP Dynamic Host Configuration Protocol - Client
69 UDP Trivial File Transfer Protocol (TFTP)
80 TCP Hypertext Transfer Protocol (HTTP)
110 TCP Post Office Protocol version 3 (POP3)
143 TCP Internet Message Access Protocol (IMAP)
161 UDP Simple Network Management Protocol (SNMP)
443 TCP Hypertext Transfer Protocol Secure (HTTPS)
The netstat Command
Unexplained TCP connections can pose a major security threat. Netstat
is an important tool to verify connections.
C:\> netstat
Active Connections
Proto Local Address Foreign Address State
TCP 192.168.1.124:3126 192.168.0.2:netbios-ssn ESTABLISHED
TCP 192.168.1.124:3158 207.138.126.152:http ESTABLISHED
TCP 192.168.1.124:3159 207.138.126.169:http ESTABLISHED
TCP 192.168.1.124:3160 207.138.126.169:http ESTABLISHED
TCP 192.168.1.124:3161 sc.msn.com:http ESTABLISHED
TCP 192.168.1.124:3166 www.cisco.com:http ESTABLISHED
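One way to turn the netstat listing above into a repeatable check, as an added example that is not part of the original slides: parse each connection and report established sessions whose remote endpoint is missing from a baseline. The EXPECTED baseline is hypothetical and constructed for the example; the sample text is the listing shown above.

```python
from collections import namedtuple

Conn = namedtuple(
    "Conn", "proto local_host local_port remote_host remote_port state")

# The netstat listing from the slide, embedded so the example runs offline.
SAMPLE = """\
Active Connections
Proto Local Address Foreign Address State
TCP 192.168.1.124:3126 192.168.0.2:netbios-ssn ESTABLISHED
TCP 192.168.1.124:3158 207.138.126.152:http ESTABLISHED
TCP 192.168.1.124:3159 207.138.126.169:http ESTABLISHED
TCP 192.168.1.124:3160 207.138.126.169:http ESTABLISHED
TCP 192.168.1.124:3161 sc.msn.com:http ESTABLISHED
TCP 192.168.1.124:3166 www.cisco.com:http ESTABLISHED
"""

# Hypothetical baseline (constructed): remote endpoints this host is
# expected to talk to, as (remote host, remote service) pairs.
EXPECTED = {
    ("192.168.0.2", "netbios-ssn"),
    ("sc.msn.com", "http"),
    ("www.cisco.com", "http"),
}


def parse_netstat(text):
    """Return one Conn per TCP/UDP row; headers and blank lines are skipped."""
    conns = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue
        # UDP rows carry no State column.
        state = parts[3] if len(parts) > 3 else ""
        # Split on the last colon so bracketed IPv6 addresses also work.
        lhost, _, lport = parts[1].rpartition(":")
        rhost, _, rport = parts[2].rpartition(":")
        conns.append(Conn(parts[0], lhost, lport, rhost, rport, state))
    return conns


def unexplained(conns, expected):
    """Established connections whose remote endpoint is not in the baseline."""
    return [c for c in conns
            if c.state == "ESTABLISHED"
            and (c.remote_host, c.remote_port) not in expected]


def summarize(conns):
    """Count connections per remote endpoint so repeats stand out."""
    counts = {}
    for c in conns:
        key = (c.remote_host, c.remote_port)
        counts[key] = counts.get(key, 0) + 1
    return counts
```

Running netstat with -n keeps addresses and ports numeric, and -o on Windows adds the owning process ID, which makes the review of each unexplained entry easier.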
TCP Header Details
TCP Segment Header
Byte Number
• The bytes of data being transferred in each
connection are numbered by TCP.
• The numbering starts with an arbitrarily generated
number.
• An arbitrary number between 0 and 2^32 − 1 is used for the
number of the first byte.
• For example, if the number of the first byte happens to be 1067
and the total data to be sent is 3000 bytes,
what is the byte number for the first byte of data and the last byte
of data?
First Byte Number: 1067
Last Byte Number: 4066
Sequence Numbers
• The sequence number of the first segment is the ISN (initial sequence number), which
is a random number (byte number).
• The sequence number of any other segment is the sequence number of the previous
segment plus the number of bytes (real or imaginary) carried by the previous
segment.
• Suppose a TCP connection is transferring a file of 5,000 bytes. The first byte is
numbered 10,001. What are the sequence numbers for each segment if data are sent
in five segments, each carrying 1,000 bytes?
• Solution:
Acknowledgement Number
• For example, suppose the sender receives 1001 as the acknowledgement
number.
• What does it mean?
Received all data up to 1000; tells the sender that it is ready
to receive the next data from byte number 1001.
Note: This does not indicate that the receiver has received 1000 bytes
of data.
• If receiving host TCP receives uncorrupted data,
then…
• It is acknowledged using the acknowledgement
number
• The value of the acknowledgment field in a
segment defines the number of the next byte
the receiver expects to receive.
Expectational Acknowledgement
• The acknowledgment number is cumulative.
• Receiver acknowledges multiple data segments in one
acknowledgement.
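The sequence-number rule and the cumulative acknowledgment rule above, worked in Python as an added example that is not part of the original slides. The arrival order used to exercise the receiver is constructed, and 32-bit wraparound of sequence numbers is ignored for brevity.

```python
def segment_sequence_numbers(first_byte, sizes):
    """Sequence number of each segment: the previous segment's sequence
    number plus the number of bytes the previous segment carried."""
    seqs, seq = [], first_byte
    for size in sizes:
        seqs.append(seq)
        seq += size
    return seqs


class Receiver:
    """Tracks the next byte expected and answers every arrival with a
    cumulative acknowledgment number."""

    def __init__(self, first_byte):
        self.next_expected = first_byte
        self.buffered = {}  # seq -> length of segments that arrived early

    def receive(self, seq, length):
        if seq == self.next_expected:
            # In-order data: advance, then drain any buffered segments
            # that are now contiguous.
            self.next_expected += length
            while self.next_expected in self.buffered:
                self.next_expected += self.buffered.pop(self.next_expected)
        elif seq > self.next_expected:
            # A gap exists: hold the segment, keep asking for the gap.
            self.buffered[seq] = length
        # seq < next_expected is a duplicate of data already acknowledged.
        return self.next_expected


def acks_for_arrivals(first_byte, arrivals):
    """Acknowledgment number sent after each (seq, length) arrival."""
    rx = Receiver(first_byte)
    return [rx.receive(seq, length) for seq, length in arrivals]


# The 5,000-byte file from the text: first byte 10,001, five 1,000-byte
# segments.
SEQS = segment_sequence_numbers(10001, [1000] * 5)

# Constructed arrival order: the second segment is delayed behind the
# third and fourth.
ARRIVALS = [(10001, 1000), (12001, 1000), (13001, 1000),
            (11001, 1000), (14001, 1000)]
ACKS = acks_for_arrivals(10001, ARRIVALS)
```

While the second segment is missing, the receiver keeps answering 11001; once it arrives, a single acknowledgment of 14001 covers three segments at once.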
Header Length
• Header Length:
▪ Indicates the number of 4-byte words
▪ The length of the header can be between 20 and 60 bytes
Control Bits
• Control Bits:
▪ This field defines 6 different control bits or flags
▪ One or more of these bits can be set at a time
▪ These bits help indicate connection establishment
and termination, flow control
Window Size
• Window Size:
▪ This field defines the size of data in bytes of the sending TCP process
▪ The maximum size of the window is 65,535 bytes
▪ Normally referred to as the receiving window (rwnd)
▪ The sender must obey the dictation of the receiver in this case
Checksum
• This 16-bit field is used to detect errors (i.e., flipped bits) introduced in the transmitted
segment (intentionally or unintentionally) while traveling through the network.
• Also present in the UDP header
• Mandatory in TCP but not in UDP
• The process is the same for both protocols; the checksum covers:
▪ TCP/UDP Header
▪ TCP/UDP Body
▪ Pseudo IP Header
Urgent Pointer
• This 16-bit field is valid only if the urgent flag is set.
• Used when the segment contains urgent data.
• It defines a value that must be added to the sequence number
to obtain the number of the last urgent byte in the data section
of the segment.
[Figure: sequence number 1001, urgent pointer value 1500, last urgent byte at 1001 + 1500.]
Options
▪ There can be up to 40 bytes of optional information in the TCP
header
▪ Provides a way to deal with limitations of the original header
▪ For example:
• MSS (Maximum Segment Size) is defined as the largest block of data
that a sender using TCP will send to the receiver
TCP Communication Process
TCP Server Processes
Each application process running on a server is
configured to use a port number.
•An individual server cannot have two services
assigned to the same port number within the same
transport layer services.
•An active server application assigned to a specific
port is considered open, which means that the
transport layer accepts and processes segments
addressed to that port.
•Any incoming client request addressed to the
correct socket is accepted, and the data is passed to
the server application.
TCP Connection Establishment
Step 1: The initiating client
requests a client-to-server
communication session with
the server.
Step 2: The server
acknowledges the
client-to-server communication
session and requests a
server-to-client communication
session.
Step 3: The initiating client
acknowledges the
server-to-client communication
session.
Session Termination
Step 1: When the client has no more data to
send in the stream, it sends a segment with the
FIN flag set.
Step 2: The server sends an ACK to
acknowledge the receipt of the FIN to
terminate the session from client to server.
Step 3: The server sends a FIN to the client to
terminate the server-to-client session.
Step 4: The client responds with an ACK to
acknowledge the FIN from the server.
TCP Three-Way Handshake Analysis
Functions of the Three-Way Handshake:
• It establishes that the destination device is present on the
network.
• It verifies that the destination device has an active service
and is accepting requests on the destination port number
that the initiating client intends to use.
• It informs the destination device that the source client
intends to establish a communication session on that port
number.
After the communication is completed, the sessions are closed and
the connection is terminated. The connection and session
mechanisms enable the TCP reliability function.
TCP Three-Way Handshake Analysis (Cont.)
The six control bit flags are as
follows:
• URG - Urgent pointer field
significant
• ACK - Acknowledgment flag
used in connection
establishment and session
termination
• PSH - Push function
• RST - Reset the connection
when an error or timeout
occurs
• SYN - Synchronize sequence
numbers used in connection
establishment
• FIN - No more data from sender
and used in session termination
Reliability and Flow Control
TCP Reliability – Guaranteed and Ordered Delivery
• TCP can also help maintain the flow of
packets so that devices do not become
overloaded.
• There may be times when TCP segments
do not arrive at their destination or
arrive out of order.
• All the data must be received and the
data in these segments must be
reassembled into the original order.
• Sequence numbers are assigned in the
header of each packet to achieve this
goal.
TCP Reliability – Data Loss and Retransmission
No matter how well designed a network is,
data loss occasionally occurs.
TCP provides methods of managing these
segment losses. Among these is a
mechanism to retransmit segments for
unacknowledged data.
TCP Reliability – Data Loss and Retransmission (Cont.)
Host operating systems today typically
employ an optional TCP feature called
selective acknowledgment (SACK), negotiated
during the three-way handshake.
If both hosts support SACK, the receiver can
explicitly acknowledge which segments
(bytes) were received including any
discontinuous segments.
TCP Flow Control – Window Size and Acknowledgments
TCP also provides mechanisms for flow
control as follows:
•Flow control is the amount of data that
the destination can receive and process
reliably.
•Flow control helps maintain the reliability
of TCP transmission by adjusting the rate
of data flow between source and
destination for a given session.
TCP Flow Control – Maximum Segment Size
Maximum Segment Size (MSS) is the
maximum amount of data that the
destination device can receive.
•A common MSS is 1,460 bytes when
using IPv4.
•A host determines the value of its MSS
field by subtracting the IP and TCP
headers from the Ethernet maximum
transmission unit (MTU), which is 1500
bytes by default.
•1500 minus 40 (20 bytes for the IPv4
header and 20 bytes for the TCP header)
leaves 1460 bytes.
TCP Flow Control – Congestion Avoidance
When congestion occurs on a network,
it results in packets being discarded by
the overloaded router.
To avoid and control congestion, TCP
employs several congestion handling
mechanisms, timers, and algorithms.
Congestion
Congestion arises when the total load on the network becomes too large. This
leads to queues building up and to long delays.
If sources retransmit messages, then this can lead to even more congestion
and eventually to congestion collapse.
Notice that as the offered load increases, the number of packets delivered at first
increases, but at high enough loads, it rapidly decreases.
Approaches to Congestion Control
Congestion control may be addressed at both the
network level and the transport layer.
At the network layer possible approaches include:
• Packet dropping → when a buffer becomes full a router can
drop waiting packets - if not coupled with some other
technique, this can lead to greater congestion through
retransmissions.
• Packet scheduling → certain scheduling policies may
help in avoiding congestion - in particular scheduling can
help to isolate users that are transmitting at a high rate.
• Dynamic routing → when a link becomes congested,
change the routing to avoid this link - this only helps up
to a point (eventually all links become congested) and
can lead to instabilities.
• Admission control/Traffic policing - Only allow
connections in if the network can handle them and
make sure that admitted sessions do not send at too
high of a rate - only useful for connection-oriented
networks.
An approach that can be used at either the network or
transport layers is:
• Rate control → this refers to techniques where the
source rate is explicitly controlled based on feedback
from either the network and/or the receiver.
For example, routers in the network may send a
source a "choke packet" upon becoming congested.
When receiving such a packet, the source should
lower its rate.
These approaches can be classified as either
"congestion avoidance" approaches, if they try to
prevent congestion from ever occurring, or as
"congestion recovery" approaches, if they wait until
congestion occurs and then react to it. In general, "better
to prevent than to recover."
Different networks have used various combinations of all
these approaches.
Traditionally, rate control at the transport layer has
been used in the Internet, but new approaches are
beginning to be used that incorporate some of the network
layer techniques discussed above.
Congestion Control in TCP
TCP implements end-to-end congestion control. TCP
detects congestion via the ACKs from the sliding-window
ARQ algorithm used for providing reliable service.
When the source times out before receiving an ACK,
the most likely reason is that a link became
congested. TCP uses this as an indication of congestion.
In this case, TCP will slow down the transmission rate.
TCP controls the transmission rate of a source by
varying the window size used in the sliding window
protocol.
Slow Start
Initial CW = 1.
After each ACK, CW += 1;
Continue until:
• Loss occurs OR
• CW > slow start threshold
Then switch to congestion avoidance
If we detect loss, cut CW in half
Exponential increase in window size per RTT
[Figure: sender/receiver timeline over successive RTTs: one segment, two segments, four segments.]
Congestion Avoidance
Until (loss) {
    after CW packets ACKed:
        CW += 1;
}
TCP Reno: CW = CW/2 after loss
TCP Tahoe: CW = 1 after a loss
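Slow start and congestion avoidance from the two slides above, simulated per RTT in Python as an added example that is not part of the original slides. Two assumptions go beyond the slide text: the switch to congestion avoidance is taken when CW reaches the threshold, and on loss the threshold is reset to half of CW, as in standard TCP. The loss position and initial threshold are constructed.

```python
def simulate_cw(variant, rtts, ssthresh, loss_rtts):
    """Return the congestion window (in segments) at the start of each RTT.

    variant   -- "tahoe" (CW = 1 after loss) or "reno" (CW = CW/2 after loss)
    ssthresh  -- initial slow start threshold, in segments
    loss_rtts -- set of RTT numbers (1-based) in which a loss is detected
    """
    if variant not in ("tahoe", "reno"):
        raise ValueError("variant must be 'tahoe' or 'reno'")
    cw, history = 1, []
    for rtt in range(1, rtts + 1):
        history.append(cw)
        if rtt in loss_rtts:
            # Assumption: threshold becomes half the window at loss time.
            ssthresh = max(cw // 2, 1)
            cw = 1 if variant == "tahoe" else ssthresh
        elif cw < ssthresh:
            # Slow start: +1 per ACK doubles the window every RTT,
            # capped at the threshold.
            cw = min(cw * 2, ssthresh)
        else:
            # Congestion avoidance: +1 after a full window is ACKed.
            cw += 1
    return history


def segments_sent(history):
    """Total segments sent over the run, one window per RTT."""
    return sum(history)


# Constructed scenario: 12 RTTs, initial threshold 8, loss detected in RTT 7.
TAHOE = simulate_cw("tahoe", 12, 8, {7})
RENO = simulate_cw("reno", 12, 8, {7})
```

Both variants grow identically until the loss; Tahoe then restarts from one segment and repeats slow start up to the new threshold, while Reno resumes linear growth from half the window and sends more over the same twelve RTTs.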
Mathematical Problem 1
At a given moment during data transfer,
the client sent the C2 segment with
sequence number 5044 and
acknowledgment number 2024. The data
sent through C1, C2, S1, S2, S3, S4 are 192,
250, 350, 127, 412 and 387 Bytes
respectively.
a) Calculate the sequence and
acknowledgment number of the S4
segment.
b) Calculate the acknowledgment number
of the ACK-2 segment.
c) Calculate the acknowledgment number
of the ACK-3 segment if the Go-Back-N
sliding window protocol is used.
Mathematical Problem 2
In a selective-repeat TCP connection, an HTTP request (234 bytes each) is
sent for each of the data segments (889 bytes each). Like this, a total of 20
data segments are sent from the server. Furthermore, the client has an ISN
of 8924 and the server has an ISN of 203.
I. Calculate the sequence and acknowledgment number of the 4th data
segment.
The 10th data segment got lost on its way to the client.
II. What’s the sequence and acknowledgment number of the 13th HTTP
request that’s sent to the server?
After the 14th data segment, the 10th segment is resent.
III. What will be the sequence and acknowledgement numbers of the 15th
HTTP request?